Web Application Vulnerabilities Index

This page lists vulnerabilities categorized as High severity that can be detected by Invicti.

Select Category
Critical
High
Medium
Low
Best Practice
Information
Select Vulnerability
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Select Vulnerability
Vulnerability Name
Classification
Severity
Vite Arbitrary File Read (CVE-2025-30208, CVE-2025-31125)
Vite Arbitrary File Read (CVE-2025-30208, CVE-2025-31125)
CWE-CWE-200
, 
High
Weak Basic Authentication Credentials
Weak Basic Authentication Credentials
CAPEC-16
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
, 
CWE-521
, 
ISO27001-A.9.4.3
, 
OWASP 2013-A6
, 
OWASP 2017-A3
, 
PCI v3.2-6.5.10
, 
WASC-15
, 
High
Weak Secret is Used to Sign JWT
Weak Secret is Used to Sign JWT
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
, 
CWE-347
, 
OWASP 2017-A2
, 
High
WebDAV Directory Has Write Permissions (IIS)
WebDAV Directory Has Write Permissions (IIS)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:H/RL:O/RC:C
, 
CWE-732
, 
ISO27001-A.9.4.1
, 
OWASP 2017-A6
, 
PCI v3.2-6.5.8
, 
WASC-17
, 
High
XML External Entity Injection
XML External Entity Injection
CAPEC-376
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:H
, 
CWE-611
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A4
, 
PCI v3.2-6.5.1
, 
WASC-43
, 
High
XML External Entity Injection (IAST)
XML External Entity Injection (IAST)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
, 
CWE-611
, 
High
XPath Injection (IAST)
XPath Injection (IAST)
CAPEC-66
, 
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
, 
CWE-20
, 
HIPAA-164.306(a)
, 
HIPAA-164.308(a)
, 
ISO27001-A.14.2.5
, 
OWASP 2013-A1
, 
OWASP 2017-A1
, 
PCI v3.2-6.5.1
, 
WASC-19
, 
High